NVUSD Email Security

NVUSD does NOT initiate contact with students, parents or employees by email, text messages or social media channels to request personal or financial information. This includes requests for phone numbers, PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

PHISHING

What can you do if you receive a phishing email from NVUSD?

"Phishing" is typically carried out through unsolicited communications in which the attacker tries to learn information such as login credentials or account information by pretending to be a reputable organization or person.

Remember if you're looking at your email, you are already signed in. You don't need to provide your username or password to open a PDF -- even from someone within the school district.

Some phishing attempts are sloppy and easy to figure out. Some look professional and may be using a legitimate company's logo and website. Don't take the bait! You don't need to provide your user information from an email request.

If you are tricked into providing your information, we advise contacting your service providers (internet, bank, credit card, social media) to change your password immediately and to flag suspicious activity.

Keeping Your Information Safe

There's no way around this: Information stored and sent over email is vulnerable. For example, if you post an email to your spouse with a banking password, anybody who monitors your connection (or gets into your account) can instantly retrieve it and gain access to your financial accounts.

Fortunately, hackers are lazy. They use automated processes to take care of most of the work, and prefer to go only after easy targets. If you can avoid making yourself one of those, you'll dramatically reduce your risk of suffering a breach.

How can you do this? The following best practices are a must:

Don't open attachments in unfamiliar emails. This should be a given by now, but email attachments are still a popular way to circulate malware. All it takes is one click, and you could download harmful spyware. Only open attachments from familiar sources!

Don't click on suspect links. If a link looks hidden, or if it comes from an unfamiliar source, don't click it. It might take you to an unspecified location and possibly inject malware into your machine when you attempt to download the page. Be aware of any discrepancies in links that look mostly but not entirely familiar, such as "Amaz0n" instead of "Amazon," and any shortened links.

Pick a strong password (and change it regularly). This is crucial. A weak password is one that can be easily guessed, so come up with a password that has upper-case letters, lower-case letters, numbers, and symbols, and make it unrelated to your personal life. Then, change the password regularly to increase your security even further.

Avoid unsecured WiFi. Unsecured Wi-Fi connections are open invitations to cybercriminals. They can gain public access to the system, and view any traffic you send or receive; which basically means they've gained access to your account. Always secure your home network, and be extra cautious when using unsecured public WiFi.

Avoid sending unnecessary personal information. One type of scam, phishing, involves goading a user to send personal login information--usually under the guise of a communication from an official but familiar company. As a general rule, it's best to avoid sending any personal information over email (unless you absolutely have to).